<html>
<head>
<title>Module mod_auth_anon.c</title>
</head>
<body>
<!--#include virtual="header.html" -->
<H1>Module mod_auth_anon</H1>

This module is contained in the <code>mod_auth_anon.c</code> file and
is compiled in by default. It is only available in Apache 1.1 and
later.
<p>
It does access control in a manner similar to anonymous-ftp sites; i.e.
have a 'magic' user id 'anonymous' and the email address as a password.
These email addresses can be logged.
<p>
Combined with other (database) access control methods, this allows for
effective user tracking and customization according to a user profile
while still keeping the site open for 'unregistered' users. One advantage
of using Auth-based user tracking is that, unlike magic-cookies and
funny URL pre/postfixes, it is completely browser independent and it
allows users to share URLs.
<p>

<a href="#FullDescription">Full description</a> /
<a href="#Example">Example</a> /
<a href="#CompileTimeOptions">Compile time options</a> /
<a href="#RevisionHistory">RevisionHistory</a> /
<a href="#Person">Person to blame</a> /
<a href="#Sourcecode">Sourcecode</a>
<p>

<hr><h2><a name="FullDescription">Full description of all tokens</a></h2>
<dl>

<code><dt>
Anonymous &lt; Space separated list &gt
</code></dt><dd>
	A list of one or more 'magic' userIDs which are allowed access
	without password verification. The userIDs are space separated.
	It is possible to use the ' and " quotes to allow a space in
	a userID as well as the \ escape character.
	<p>
	Please note that the comparison is <b>case-IN-sensitive</b>.
	<br>
	I strongly suggest that the magic username '<code>anonymous</code>'
	is always one of the allowed userIDs.
	<p>
	Example:<br>
	<code>
	Anonymous: anonymous "Not Registered" 'I don\'t know'
	</code><p>
	This would allow the user to enter without password verification
	by using the userId's 'anonymous', 'AnonyMous','Not Registered' and
	'I Don't Know'.
</dd>

<code><dt>
Anonymous_LogEmail &lt; on | off &gt
</code></dt><dd>
	When set 'on', the default, the 'password' entered (which hopefully
	contains a sensible email address) is logged in the httpd-log file.
</dd>

<code><dt>
Anonymous_VerifyEmail &lt; on | off &gt
</code></dt><dd>
	When set 'on', the default is 'off', the 'password' entered is
	checked for at least one '@' and a '.' to encourage users to enter
	valid email addresses (see the above <code>Auth_LogEmail</code>.
</dd>

<code><dt>
Anonymous_NoUserID &lt; on | off &gt
</code></dt><dd>
	When set 'on', the default is 'off', users can leave
	the userID (and perhaps the password field) empty. This
	can be very convenient for MS-Explorer users who can
	just hit return or click directly on the OK button; which
	seems a natural reaction.
</dd>

<code><dt>
<a name="Authorative">Anonymous_Authorative &lt; on | off &gt</a>
</code></dt><dd>
        Default is 'off'. When set 'on', there is no
        fall-through to other authorization methods. So if a
        userID does not match the values specified in the
	<code>Anonymous</code> directive, access is denied.
	<p>
	Be sure you know what you are doing when you decide to switch 
	it on. And remember that it is the linking order of the modules
	(in the Configuration / Make file) which details the order
	in which the Authorization modules are queried.
</dd>

</dl>


<hr><a name="Example"><h2>Example</h2></a>

The example below (when combined with the Auth directives
of a htpasswd-file based (or GDM, mSQL etc) base access
control system allows users in as 'guests' with the
following properties:
<ul>
<li>
It insists that the user enters a userId. (<code>Anonymous_NoUserId</code>)
<li>
It insists that the user enters a password. (<code>Anonymous_MustGiveEmail</code>)
<li>
The password entered must be a valid email address, ie. contain at least one '@' and a '.'.
(<code>Anonymous_VerifyEmail</code>)
<li>
The userID must be one of <code>anonymous guest www test welcome</code>
and comparison is <b>not</b> case sensitive.
<code>&lt;directory /web/docs/public&gt;</code>
<li>
And the Email addresses entered in the passswd field are logged to
the httpd-log file
(<code>Anonymous_LogEmail</code>)
</ul>
<p>
Excerpt of access.conf:
<dl>
<dt><code>
Anonymous        anonymous guest www test welcome<p>
Anonymous_MustGiveEmail	on<br>
Anonymous_VerifyEmail    on<br>
Anonymous_NoUserId    	off<br>
Anonymous_LogEmail    	on<br>
<p>
AuthName                Use 'anonymous' & Email address for guest entry<br>
AuthType                basic<p>

</code></dt>
<dd>
                Normal Apache/NCSA tokens for access control
                <p>
                <code>&lt;limit get post head&gt</code><br>
                <code>order deny,allow          </code><br>
                <code>allow from all            </code><br>
                <p>
                <code>require valid-user        </code><br>
                <code>&lt;limit&gt              </code><br>
</dd>
</dl>


<hr><h2><a name="CompileTimeOptions">Compile Time Options</a></h2>

Currently there are no Compile options.

<hr><h2><a name="RevisionHistory">Revision History</a></h2>

This version: 23 Nov 1995, 24 Feb 1996, 16 May 1996.

<dl>

<dt>Version 0.4<br></dt>
    <dd>First release
    </dd>
<dt>Version 0.5<br></dt>
    <dd>Added 'VerifyEmail' and 'LogEmail' options. Multiple
	'anonymous' tokens allowed. more docs. Added Authorative
	functionality.
    </dd>
</dl>


<hr><h2><a name="Person">Contact/person to blame</a></h2>

This module was written for the
<a href="http://ewse.ceo.org">European Wide Service Exchange</a> by
&lt<a href="mailto:Dirk.vanGulik@jrc.it"><code>Dirk.vanGulik@jrc.it</code></a>&gt.
Feel free to contact me if you have any problems, ice-creams or bugs. This
documentation, courtesy of Nick Himba, <a href="mailto:himba@cs.utwente.nl">
<code>&lt;himba@cs.utwente.nl&gt;</code></a>.
<p>


<hr><h2><a NAME="Sourcecode">Sourcecode</a></h2>

The source code can be found at <a href="http://www.apache.org"><code>
http://www.apache.org</code></a>. A snapshot of a development version
usually resides at <a href="http://me-www.jrc.it/~dirkx/mod_auth_anon.c"><code>
http://me-www.jrc.it/~dirkx/mod_auth_anon.c</code></a>. Please make sure
that you always quote the version you use when filing a bug report.
<p>

<!--#include virtual="footer.html" -->
</body>
</html>

